Security news that informs and inspires

All Articles

2327 articles:

Decipher Podcast: Source Code 8/25

Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.

Source Code, Podcast

Exploit Code Published for Ivanti Sentry Flaw

Researchers have published working exploit code for the Ivanti Sentry CVE-2023-38035 flaw.

Ivanti

Researchers Uncover New Lazarus Group Malware Details

The group reused its infrastructure in attacks against internet infrastructure and healthcare organizations in the U.S. and UK, allowing researchers to unearth details about its newest malware tools.

Lazarus Group

Ivanti Warns of Actively Exploited Flaw in Sentry

Ivanti on Tuesday said it “has been informed that CVE-2023-38035 was exploited after exploiting CVE-2023-35078 and CVE-2023-35081.”

Ivanti

Serious RCE Bug Fixed in WinRAR

The makers of WinRAR have released a new version that fixes a serious remote code execution flaw (CVE-2023-4407) in the compression utility.

Patch

Decipher Podcast: Greg Notch

At Black Hat USA, Greg Notch, CISO at Expel, talked about his previous experiences as the former NHL CISO and how to effectively communicate security risk at the board level.

Podcast

XLoader macOS Malware Variant Resurfaces

A new version of the macOS XLoader malware has been observed.

macOS

Cuba Ransomware Attacks Reveal TTP Modifications

Researchers said they observed new tactics being used by the well-known ransomware group in attacks against a critical infrastructure entity in the U.S. and an IT integrator in Latin America.

Ransomware

Threat Actors Exploit Known Citrix ShareFile Flaw

The ShareFile flaw could allow unauthenticated attackers to remotely compromise the customer-managed ShareFile storage zone controller.

Citrix

Phishing Campaign Targets Zimbra Users

A newly identified phishing campaign is targeting Zimbra Collaboration users around the world.

Zimbra

Ivanti Fixes Flaws in Enterprise Mobile Device Management Software

One of the more serious flaws in Ivanti's enterprise mobile device management platform could allow unauthenticated, remote attackers to execute code.

Vulnerability, Ivanti

Mandiant Releases Scanner for Citrix ADC Bug

Mandiant has released a scanner to identify appliances that have been compromised through exploitation of CVE-2023-3519.

Citrix

Decipher Podcast: John Checco

At Black Hat USA last week, John Checco, resident CISO at Proofpoint, talked about the new SEC cyber rule and its impact for CISOs.

Podcast, Black Hat USA

The Search For Secure By Design

The U.S. government wants product manufacturers to treat the security of customers as a core business requirement, but there are still challenges that need to be tackled.

Black Hat

Lapsus$ Analysis Finds Need for Better IAM, MFA Deployments

A detailed analysis of the activities of the Lapsus$ hacking group by the Cyber Safety Review Board shows that a focus on the basics and better usage of IAM and MFA technologies are highly effective defenses.

Government, Lapsus$